<?php
/**
 *
 * @category    API
 * @package     Api_Company
 * @subpackage  Model
 * @author      trungpm
 */
class Api_Model_Company {
    /* Verify that the company is valid, and doesn't already exist.
     * author: trungpm
     */
    function VerifyCompanyNoExists($CompanyId, $i, $Errors, $db) {
        if ((strlen($CompanyId) < 1)) {
            $Errors[$i] = IncorrectCompanyNumber;
        }
        $Searchsql = 'SELECT count(coycode) as c FROM companies WHERE coycode=\'' . $CompanyId . '\'';
        $SearchResult = DB_query($Searchsql, $db);
        $answer = DB_fetch_array($SearchResult, SQLSRV_FETCH_ASSOC);
        if ($answer['c'] != 0) {
            $Errors[$i] = CompanyNoAlreadyExists;
        }
        DB_free_result($SearchResult);
        return $Errors;
    }

    /* Get company.
     * author: trungpm
     */
    function GetCompanyById($CompanyId, $user, $password) {
        $db = db($user, $password);
        if (gettype($db) == 'integer') {
            $Errors[0] = NoAuthorisation;
            return $Errors;
        }
        $Errors = $this -> VerifyCompanyNoExists($CompanyId, sizeof($Errors), $Errors, $db);
        if (sizeof($Errors) == 0) {
            return $Errors;
        }
        $sql = 'SELECT
                    coycode,
                    coyname,
                    companynumber,
                    regoffice1,
                    regoffice2,
                    regoffice3,
                    telephone,
                    fax,
                    email,
                    banknumber,
                    bank,
                    taxcode
                FROM companies WHERE coycode=\'' . $CompanyId . '\'';
        $result = DB_Query($sql, $db);
        if (sizeof($Errors) != 0) {
            $arrResult = DB_fetch_array($result);
            DB_free_result($result);
            return $arrResult;
        } else {
            return $Errors;
        }
    }

    /* Get company.
     * author: trungpm
     */
    function ModifyCompany($CompanyDetails, $user, $password) {
        $Errors = array();
        $db = db($user, $password);
        if (gettype($db) == 'integer') {
            $Errors[0] = NoAuthorisation;
            return $Errors;
        }
        foreach ($CompanyDetails as $key => $value) {
            $CompanyDetails[$key] = DB_escape_string($value);
        }
        $Errors = $this -> VerifyCompanyNoExists($CompanyId, sizeof($Errors), $Errors, $db);
        if (sizeof($Errors) == 0) {
            return $Errors;
        }
        $sql = 'UPDATE companies SET ';
        foreach ($CompanyDetails as $key => $value) {
            $sql .= $key . '=N\'' . $value . '\', ';
        }
        $sql = substr($sql, 0, -2) . ' WHERE coycode=\'' . $CompanyDetails['coycode'] . '\'';

        if (sizeof($Errors) != 0) {
            $result = DB_Query($sql, $db);
            if (!isset($result) || !$result) {
                $Errors[0] = DatabaseUpdateFailed;
            } else {
                $Errors[0] = 0;
            }
        }
        return $Errors;
    }

}
?>
